Skip to:
Content

BuddyPress.org

Changeset 9043


Ignore:
Timestamp:
09/25/2014 05:17:36 PM (9 years ago)
Author:
r-a-y
Message:

Activity: Make sure a non-admin can delete their own activity.

Changes in r8697 broke this functionality due to a strict type check. The
activity user ID is a string, while the logged-in user is an integer.

Commit fixes this by typecasting the activity user ID as an integer and
adds a unit test.

Fixes #5900 (trunk).

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/bp-activity/bp-activity-template.php

    r8975 r9043  
    16951695        // quite powerful, because doing so also deletes all comments to that
    16961696        // activity item. We should revisit this eventually.
    1697         if ( isset( $activity->user_id ) && ( $activity->user_id === bp_loggedin_user_id() ) ) {
     1697        if ( isset( $activity->user_id ) && ( (int) $activity->user_id === bp_loggedin_user_id() ) ) {
    16981698            $can_delete = true;
    16991699        }
  • trunk/tests/phpunit/testcases/activity/template.php

    r8958 r9043  
    5858    }
    5959
     60    /**
     61     * Test if a non-admin can delete their own activity.
     62     */
     63    public function test_user_can_delete_for_nonadmin() {
     64        // save the current user and override logged-in user
     65        $old_user = get_current_user_id();
     66        $u = $this->create_user();
     67        $this->set_current_user( $u );
     68
     69        // create an activity update for the user
     70        $this->factory->activity->create( array(
     71            'component' => buddypress()->activity->id,
     72            'type' => 'activity_update',
     73            'user_id' => $u,
     74        ) );
     75
     76        // start the activity loop
     77        bp_has_activities( array( 'user_id' => $u ) );
     78        while ( bp_activities() ) : bp_the_activity();
     79            // assert!
     80            $this->assertTrue( bp_activity_user_can_delete() );
     81        endwhile;
     82
     83        // reset
     84        $this->set_current_user( $old_user );
     85    }
    6086
    6187    /**
Note: See TracChangeset for help on using the changeset viewer.